opendev/system-config
Code Issues Proposed changes
system-config/modules/openstack_project/manifests/base.pp
Monty Taylor edaa31ebbd Add keys and script for puppet over ssh 
In anticipation of driving puppet over ssh, we need keys on the hosts
and the scripts on the master. Don't turn them on yet, because we want
to be able to do some by-hand testing of the mechanism.

Change-Id: I2c353777e2f8fb5a2e733ce405ba40427ce901e5
2014-04-15 20:24:16 -07:00

117 lines
2.9 KiB
Puppet
Raw Blame History

# == Class: openstack_project::base
#
class openstack_project::base(
$certname = $::fqdn,
$install_users = true
) {
if ($::osfamily == 'Debian') {
include apt
}
include openstack_project::params
include openstack_project::users
include sudoers
file { '/etc/profile.d/Z98-byobu.sh':
ensure => absent,
}
package { 'popularity-contest':
ensure => absent,
}
package { 'git':
ensure => present,
}
if ($::operatingsystem == 'Fedora') {
package { 'hiera':
ensure => latest,
provider => 'gem',
}
exec { 'symlink hiera modules' :
command => 'ln -s /usr/local/share/gems/gems/hiera-puppet-* /etc/puppet/modules/',
path => '/bin:/usr/bin',
subscribe => Package['hiera'],
refreshonly => true,
}
}
package { $::openstack_project::params::packages:
ensure => present
}
include pip
package { 'virtualenv':
ensure => '1.10.1',
provider => pip,
require => Class['pip'],
}
if ($install_users) {
package { $::openstack_project::params::user_packages:
ensure => present
}
realize (
User::Virtual::Localuser['mordred'],
User::Virtual::Localuser['corvus'],
User::Virtual::Localuser['clarkb'],
User::Virtual::Localuser['fungi'],
)
}
if ! defined(File['/root/.ssh']) {
file { '/root/.ssh':
ensure => directory,
mode => '0700',
}
}
ssh_authorized_key { '/root/.ssh/authorized_keys':
ensure => present,
user => 'root',
type => 'ssh-rsa',
key => 'AAAAB3NzaC1yc2EAAAADAQABAAABAQDSLlN41ftgxkNeUi/kATYPwMPjJdMaSbgokSb9PSkRPZE7GeNai60BCfhu+ky8h5eMe70Bpwb7mQ7GAtHGXPNU1SRBPhMuVN9EYrQbt5KSiwuiTXtQHsWyYrSKtB+XGbl2PhpMQ/TPVtFoL5usxu/MYaakVkCEbt5IbPYNg88/NKPixicJuhi0qsd+l1X1zoc1+Fn87PlwMoIgfLIktwaL8hw9mzqr+pPcDIjCFQQWnjqJVEObOcMstBT20XwKj/ymiH+6p123nnlIHilACJzXhmIZIZO+EGkNF7KyXpcBSfv9efPI+VCE2TOv/scJFdEHtDFkl2kdUBYPC0wQ92rp',
options => [
"command=\"${::openstack_project::params::allowed_ssh_command}\"",
'from="ci-puppetmaster.openstack.org"',
],
require => File['/root/.ssh'],
}
# Use upstream puppet and pin to version 2.7.*
if ($::osfamily == 'Debian') {
apt::source { 'puppetlabs':
location => 'http://apt.puppetlabs.com',
repos => 'main',
key => '4BD6EC30',
key_server => 'pgp.mit.edu',
}
file { '/etc/apt/preferences.d/00-puppet.pref':
ensure => present,
owner => 'root',
group => 'root',
mode => '0444',
source => 'puppet:///modules/openstack_project/00-puppet.pref',
replace => true,
}
}
file { '/etc/puppet/puppet.conf':
ensure => present,
owner => 'root',
group => 'root',
mode => '0444',
content => template('openstack_project/puppet.conf.erb'),
replace => true,
}
}
# vim:sw=2:ts=2:expandtab:textwidth=79
View Git Blame Copy Permalink